Lately the information security of workplace tools, especially applications used for internal communication within companies, has become a topical issue. It’s good for organizations to be aware of the features and security levels of the applications they use, such as data storage practices, encryption of communication, and compliance with GDPR requirements.
It is important for European companies to ensure that their personal data is stored within the EU. The GDPR regulation implemented in 2018 strengthens the rights of individuals residing in the EU concerning their personal data, and requires organizations to process personal data only if there is a legal basis for doing so. However, when dealing with jurisdictions outside the EU, there may be laws such as the CLOUD Act, which allows US authorities to demand full access to stored data from any US based company, even if the server is located in a completely different part of the world.
The location of data storage matters, which is why it is important to have European and Finnish solutions in the market. When appropriate tools and systems are in place, there is no need to fear the leakage of critical information to external parties.
When there are issues with data security, the consequences can be significant. As an example, we can mention a news article from Yle (22nd May 2023), which reports on the €1.2 billion fine imposed on Meta by the EU due to violations of EU privacy regulations. The fine was a result of European Facebook users’ data being transferred to US servers. According to the EU, the data could have ended up in the hands of US intelligence agencies. Meta intends to appeal the decision and has also threatened to shut down its popular services like Facebook, Instagram and WhatsApp if the United States and the EU fail to reach an agreement on the matter.
In the development process of Secapp, data security issues have been taken seriously and paid attention to long before the implementation of GDPR. In the service, customer data always remains in Finland on highly secure servers. As a Finnish system, Secapp and its users can operate independently of other countries. Secapp enables various security features, including data backup and recovery, remote management of data, content encryption and the ability to delete data from users’ devices. The application is well-suited for everyday messaging as well as emergency situations, with familiar features such as the chat, sharing of images and attachments, and video calls.
It is essential to critically evaluate the systems and practices used in business operations from a data security perspective. A secure and reliable system provides peace of mind and minimizes the changes of unpleasant consequences that can arise from security breaches and leaks. A comprehensive solution like Secapp enables the management of multiple functions through a single system, eliminating the need for personnel to learn and use multiple systems separately. The solution can also be tailored to the specific needs of different organizations – Secapp is widely used in various fields such as healthcare, public administration, and manufacturing industries.
Point of comparison | Secapp | SMS | Instant messaging applications (e.g. WhatsApp, Messenger, Telegram) | Phone calls |
---|---|---|---|---|
Cost of sending messages | Free / included in the monthly fee | Each message is charged separately | Free / included in the download fee | Each phone call is charged separately |
Support for mass messaging / reaching large numbers of people quickly | Yes | Yes, but prone to delays | Yes | No, each person has to be called separately |
Supports multiple different communication channels to reach people regardless of their device | Yes (mobile application, SMS, Virve, email, robot calls, PC application) | No | No | No |
Suitable for critical instant communication | Yes | No | Yes (note! data security) | Yes, if there’s a small amount of people |
Ability to bypass phone’s silent mode settings | Yes | No | No | No (usually) |
Ways to ensure that the message reaches the right person | Yes (authentication, controlling of contact information) | No | Yes, however there’s a risk of involving an external person in discussions during crisis situations | Yes |
Compiling message responses in a structured format to the sender | Yes (quick responses ok/nok) | No (usually) | No | No |
Message automation, for example, automatically providing additional information to those who responded in a certain way | Yes | No (usually) | No | No |
Message targeting based on skills, groups or location information | Yes | No | No | No |
Message template management (ready-made operating instructions, pre-selected recipients and channels) | Yes | No | No | No |
Support for attachments (images, videos, audio files, etc.) | Yes | No | Yes | No |
Support for structured checklists/forms | Yes | No | No | No |
Support for documenting target information and assets | Yes | No | No | No |
Access control / access limited to own personnel | Yes (different user levels have access to varying levels of content and functionalities) | No (usually) | No | No |
Content management, e.g. ability to delete content centrally | Yes | No | No | No |
Integration capability for automated content management | Yes (AD and API based ) | No (usually) | No | No |
SSL encrypted communication | Yes (AES-256 encryption also supported) | No | Yes | No |
Device management, including the ability to revoke access from an individual device, e.g. in cases of device loss | Yes | No | No | No |
Ability to enforce security features on devices before use (e.g. screen lock, encryption) | Yes | No | No | No |
Audit logs and GDPR compliance, e.g. the ability to compile information about the data stored in the system | Yes | No | No | No |
Data retained in Finland (secure data centers) | Yes | Yes | No | No |
Data backups and recovery options | Yes | No | No | No |